Step-by-Step Guide to AWS Systems Manager (EC2 Instances) – Part 1

In this blog post I’ll show you how to configure the components that allow your Amazon EC2 instances to be managed via AWS Systems Manager. In a follow-up post, I’ll show you how to configure the components that also allow you to manage existing on-premises infrastructure via AWS Systems Manager.

There are two types of instances that can be registered with AWS Systems Manager:

Amazon EC2 Instances that are within the Amazon Platform.

On-Premises Instances which are either Physical or Virtual.

In this blog post, I’ll walk through how to get an Amazon EC2 instance to report into AWS Systems Manager.

Create the IAM Role to enable access for EC2 instances

Log in to the AWS Management Console.

Navigate to Identity and Access Management (IAM).

Click Roles.

Click Create Role.

Select AWS Service and Click EC2.

Click Next:Permissions.

Filter on ‘SSM’ to make finding the correct policy easier.

Select ‘AmazonEC2RoleforSSM’.

Click Next:Review.

Give the IAM Role a name such as ‘ManagedInstanceRoleforSSM’.

Click Create Role.
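
The console steps above can also be scripted with the AWS CLI. The following is an added example, not part of the original post; it assumes the AWS CLI is installed with credentials allowed to manage IAM, and the `AWS_CMD` dry-run switch and the function names are this example's own.

```shell
#!/usr/bin/env bash
# Added example: AWS CLI equivalent of the console steps above.
# Set AWS_CMD="echo aws" to print the calls instead of making them (assumed helper).
AWS_CMD="${AWS_CMD:-aws}"

# The AWS-managed policy selected in the console steps.
SSM_POLICY_ARN="arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"

# Trust policy: only the EC2 service may assume the role. This is what
# "Select AWS Service and Click EC2" configures in the console.
trust_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "Service": "ec2.amazonaws.com" },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF
}

# Create the role, attach the SSM policy, and wrap it in an instance profile.
# The console creates a same-named instance profile automatically; with the
# CLI it has to be created and linked explicitly (last two calls).
create_ssm_role() {
  local role_name policy_file rc
  role_name="$1"
  policy_file="$(mktemp)" || return 1
  trust_policy > "$policy_file"

  $AWS_CMD iam create-role --role-name "$role_name" \
      --assume-role-policy-document "file://$policy_file" &&
  $AWS_CMD iam attach-role-policy --role-name "$role_name" \
      --policy-arn "$SSM_POLICY_ARN" &&
  $AWS_CMD iam create-instance-profile --instance-profile-name "$role_name" &&
  $AWS_CMD iam add-role-to-instance-profile \
      --instance-profile-name "$role_name" --role-name "$role_name"
  rc=$?
  rm -f "$policy_file"
  return "$rc"
}

# Nothing is changed unless the script is invoked with --apply.
if [ "${1:-}" = "--apply" ]; then
  create_ssm_role "ManagedInstanceRoleforSSM"
fi
```

Run it with `AWS_CMD="echo aws"` and `--apply` first to print the four calls for review. AWS has since deprecated AmazonEC2RoleforSSM in favour of the narrower AmazonSSMManagedInstanceCore policy, so on a current account change `SSM_POLICY_ARN` accordingly.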

Installing the SSM Agent

The SSM Agent should be pre-installed on an Amazon EC2 instance when it’s launched, or at least it was for me when I deployed the Amazon Linux AMI. If the SSM Agent isn’t installed on the Amazon EC2 instance, then, depending on the operating system, you can do the following:

Existing Amazon Linux EC2 instances

Create a temporary directory on the instance.

Change to the temporary directory.

Use one of the following commands to download and run the SSM installer.

64-bit instances:

32-bit instances:

Run the following command to determine if SSM Agent is running. The command should return the message “amazon-ssm-agent is running.”

Amazon Linux

Amazon Linux 2

Run the following commands if the previous command returns the message “amazon-ssm-agent is stopped.”